Home
Tech info
Technology
Science
Life
Application
Electric
Program
Mobile
Windows 10
Windows 11There is a new zero-day vulnerability in Windows
The vulnerability posted on Twitter and on GitHub also has a PoC that demonstrates one of the ways this error exploits the machine, making it impossible to boot.
SandboxEscaper, an August researcher who posted a Windows escalation error, recently discovered an unpatched Windows vulnerability on his Twitter.
The new error also has some similarities to the previous error.Windows services are often run with privileges and sometimes they perform some action on behalf of the user with a feature called impersonation.These services act as if they are using a user's privilege.Then they return to their original identities.
Both this error and the previous error that SandboxEscaper detected are based on using an improper impersonation feature, specifically the service (last time Task Scheduler, Data Sharing Service this time) to transfer the identity quickly and effectively. currently acts with advanced rights.
The latest error allows a file to overwrite another file, causing the impersonated file to be deleted, making it impossible for users who have no permissions to delete any files on the system, even those data they should not have access to.
New vulnerabilities only affect Windows 10, Server 2016 and Server 2019
The point of time with this error is very important, two actions must be done simultaneously to be successful.SandboxEscaper says that, therefore, deploying on a single-core machine may seem difficult, but with multiple-core machines it is very vulnerable to attack.The PoC of SandboxEscaper posted on GitHub will prove by deleting the Windows PCI driver.Users should not try it at an important machine because when this file is deleted, the machine cannot boot.
Data Sharing Service is only available on Windows 10, so this error will only affect Windows 10, Windows Server 2016 and Windows Server 2019. The error was previously used on malware.New errors are harder to exploit and the ability to delete files is also not useful by overwriting the file.
See more:
- The new zero-day vulnerability on Windows 10 helps hackers take control of the computer
- Security vulnerabilities - basic insights
- Good hackers find and patch the vulnerability for more than 100,000 other routers
Isabella HumphreyYou should read it
- Microsoft expert discovered a series of serious code execution errors in IoT, OT devices
- Security vulnerabilities - basic insights
- New dangerous vulnerability in Intel CPU: Works like Specter and Meltdown, threatening all PCs and the cloud
- Immediately fix critical vulnerabilities in Windows NTLM security protocol
- IBM developed a new technology to patch security holes
- Find security holes on every site with Nikto
- How to check if the computer has serious Windows 10 vulnerabilities
- Microsoft rewards $ 250,000 for any talent that discovers the new Meltdown and Specter vulnerabilities
May be interested
- If you do division by 0 on a computer, what will happen?
the video in the lesson will show you how crazy the computer is when doing calculations divided by 0. - China has at least 10 PoP presence points to hijack the network architecturechina is using bgp hijack and creating new paths for network traffic in western countries through one of their largest telecommunications companies.
- iPhone X, iPhone 8 may slow down after upgrading to iOS 12.1apple has quietly added performance management - managing its performance on iphone 8, 8 plus and iphone x models.
- Many encrypted SSDs can be decoded without a passwordsome of crucial and samsung ssd drives have been exploited in the lab.
- Quora's question and answer page was attacked, causing 100 million users to leak personal informationaccording to channelnewsasia, quora inc., a q&a website owned by quora, was attacked on december 3, leaving information of 100 million users exposed.
- Warning: New extortion code GandCrab is attacking Vietnamese Internet usersyesterday afternoon (december 11), bkav issued a warning about a fifth generation variant of gandcrab extortion code that was attacking vietnamese internet users on a large scale.
Attack the network
New zero-day vulnerability warning in Windows Search, Windows protocol nightmare getting worse- 'Printer Catastrophe' Vulnerability Threatens All Versions of Windows
- Detects a vulnerability that threatens all Windows computers shipped from 2012 up to now
- Steps to fix PrintNightmare vulnerability on Windows 10
- Detecting zero-day vulnerability in the Dropbox 10 Windows app, users pay attention!
New zero-day vulnerability warning in Windows Search, Windows protocol nightmare getting worse
'Printer Catastrophe' Vulnerability Threatens All Versions of Windows
Detects a vulnerability that threatens all Windows computers shipped from 2012 up to now
Steps to fix PrintNightmare vulnerability on Windows 10
Detecting zero-day vulnerability in the Dropbox 10 Windows app, users pay attention!